CN105512555A - Homologous family dividing and mutation method and system based on file string cluster
- Publication number
- CN105512555A
- Authority
- CN
- China
- Prior art keywords
- family
- vector
- file
- file destination
- mutation
- Prior art date
- Legal status
- Granted
Landscapes
- Storage Device Security (AREA)
- Debugging And Monitoring (AREA)
Abstract
Description
Claims (6)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410762181.1A CN105512555B (en) | 2014-12-12 | 2014-12-12 | Based on the homologous family of division of file character string cluster and the method and system of mutation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410762181.1A CN105512555B (en) | 2014-12-12 | 2014-12-12 | Based on the homologous family of division of file character string cluster and the method and system of mutation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105512555A (en) | 2016-04-20 |
CN105512555B (en) | 2018-05-25 |
Family
ID=55720528
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410762181.1A Active CN105512555B (en) | 2014-12-12 | 2014-12-12 | Based on the homologous family of division of file character string cluster and the method and system of mutation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105512555B (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107092829A (en) * | 2017-04-21 | 2017-08-25 | 中国人民解放军国防科学技术大学 | A kind of malicious code detecting method based on images match |
CN108256325A (en) * | 2016-12-29 | 2018-07-06 | 中移(苏州)软件技术有限公司 | A kind of method and apparatus of the detection of malicious code mutation |
CN108694319A (en) * | 2017-04-06 | 2018-10-23 | 武汉安天信息技术有限责任公司 | A kind of malicious code family determination method and device |
CN109145605A (en) * | 2018-08-23 | 2019-01-04 | 北京理工大学 | A kind of Android malware family clustering method based on SinglePass algorithm |
CN110210217A (en) * | 2018-04-26 | 2019-09-06 | 腾讯科技(深圳)有限公司 | A kind of recognition methods of file, equipment and computer readable storage medium |
CN111666404A (en) * | 2019-03-05 | 2020-09-15 | 腾讯科技(深圳)有限公司 | File clustering method, device and equipment |
CN113268987A (en) * | 2021-05-26 | 2021-08-17 | 北京百度网讯科技有限公司 | Entity name identification method and device, electronic equipment and storage medium |
CN113836534A (en) * | 2021-09-28 | 2021-12-24 | 深信服科技股份有限公司 | Virus family identification method, system, equipment and computer storage medium |
CN113987502A (en) * | 2021-12-29 | 2022-01-28 | 阿里云计算有限公司 | Object program detection method, device and storage medium |
CN114021138A (en) * | 2022-01-05 | 2022-02-08 | 北京微步在线科技有限公司 | Construction method of homologous analysis knowledge base, homologous analysis method and device |
CN114662111A (en) * | 2022-05-18 | 2022-06-24 | 成都数默科技有限公司 | Malicious code software gene homology analysis method |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101944167A (en) * | 2010-09-29 | 2011-01-12 | 中国科学院计算技术研究所 | Method and system for identifying malicious program |
US20130097704A1 (en) * | 2011-10-13 | 2013-04-18 | Bitdefender IPR Management Ltd. | Handling Noise in Training Data for Malware Detection |
CN103679019A (en) * | 2012-09-10 | 2014-03-26 | 腾讯科技(深圳)有限公司 | Malicious file identifying method and device |
CN103902905A (en) * | 2013-12-17 | 2014-07-02 | 哈尔滨安天科技股份有限公司 | Malicious code generator identification method and system based on software structure cluster |
CN104036187A (en) * | 2013-03-04 | 2014-09-10 | 阿里巴巴集团控股有限公司 | Method and system for determining computer virus types |
2014
- 2014-12-12 CN CN201410762181.1A patent/CN105512555B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101944167A (en) * | 2010-09-29 | 2011-01-12 | 中国科学院计算技术研究所 | Method and system for identifying malicious program |
US20130097704A1 (en) * | 2011-10-13 | 2013-04-18 | Bitdefender IPR Management Ltd. | Handling Noise in Training Data for Malware Detection |
CN103679019A (en) * | 2012-09-10 | 2014-03-26 | 腾讯科技(深圳)有限公司 | Malicious file identifying method and device |
CN104036187A (en) * | 2013-03-04 | 2014-09-10 | 阿里巴巴集团控股有限公司 | Method and system for determining computer virus types |
CN103902905A (en) * | 2013-12-17 | 2014-07-02 | 哈尔滨安天科技股份有限公司 | Malicious code generator identification method and system based on software structure cluster |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108256325A (en) * | 2016-12-29 | 2018-07-06 | 中移(苏州)软件技术有限公司 | A kind of method and apparatus of the detection of malicious code mutation |
CN108694319A (en) * | 2017-04-06 | 2018-10-23 | 武汉安天信息技术有限责任公司 | A kind of malicious code family determination method and device |
CN108694319B (en) * | 2017-04-06 | 2021-04-16 | 武汉安天信息技术有限责任公司 | Malicious code family judgment method and device |
CN107092829A (en) * | 2017-04-21 | 2017-08-25 | 中国人民解放军国防科学技术大学 | A kind of malicious code detecting method based on images match |
CN107092829B (en) * | 2017-04-21 | 2020-03-17 | 中国人民解放军国防科学技术大学 | Malicious code detection method based on image matching |
CN110210217A (en) * | 2018-04-26 | 2019-09-06 | 腾讯科技(深圳)有限公司 | A kind of recognition methods of file, equipment and computer readable storage medium |
CN109145605A (en) * | 2018-08-23 | 2019-01-04 | 北京理工大学 | A kind of Android malware family clustering method based on SinglePass algorithm |
CN111666404A (en) * | 2019-03-05 | 2020-09-15 | 腾讯科技(深圳)有限公司 | File clustering method, device and equipment |
CN113268987A (en) * | 2021-05-26 | 2021-08-17 | 北京百度网讯科技有限公司 | Entity name identification method and device, electronic equipment and storage medium |
CN113268987B (en) * | 2021-05-26 | 2023-08-11 | 北京百度网讯科技有限公司 | Entity name recognition method and device, electronic equipment and storage medium |
CN113836534A (en) * | 2021-09-28 | 2021-12-24 | 深信服科技股份有限公司 | Virus family identification method, system, equipment and computer storage medium |
CN113836534B (en) * | 2021-09-28 | 2024-04-12 | 深信服科技股份有限公司 | Virus family identification method, system, equipment and computer storage medium |
CN113987502A (en) * | 2021-12-29 | 2022-01-28 | 阿里云计算有限公司 | Object program detection method, device and storage medium |
CN114021138A (en) * | 2022-01-05 | 2022-02-08 | 北京微步在线科技有限公司 | Construction method of homologous analysis knowledge base, homologous analysis method and device |
CN114662111A (en) * | 2022-05-18 | 2022-06-24 | 成都数默科技有限公司 | Malicious code software gene homology analysis method |
CN114662111B (en) * | 2022-05-18 | 2022-08-09 | 成都数默科技有限公司 | Malicious code software gene homology analysis method |
Also Published As
Publication number | Publication date |
---|---|
CN105512555B (en) | 2018-05-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105512555A (en) | Homologous family dividing and mutation method and system based on file string cluster | |
Fan et al. | Dapasa: detecting android piggybacked apps through sensitive subgraph analysis | |
Arshad et al. | SAMADroid: a novel 3-level hybrid malware detection model for android operating system | |
AU2022204197B2 (en) | Security weakness and infiltration detection and repair in obfuscated website content | |
Han et al. | Malware analysis using visualized image matrices | |
US10614243B2 (en) | Privacy detection of a mobile application program | |
US10303874B2 (en) | Malicious code detection method based on community structure analysis | |
CN105205397A (en) | Rogue program sample classification method and device | |
US10454967B1 (en) | Clustering computer security attacks by threat actor based on attack features | |
US20170109541A1 (en) | Identifying and tracking sensitive data | |
Bhattacharya et al. | DMDAM: data mining based detection of android malware | |
KR20200039912A (en) | System and method for automatically analysing android malware by artificial intelligence | |
US10664267B2 (en) | Automatically detecting feature mismatches between mobile application versions on different platforms | |
Nguyen et al. | Detecting repackaged android applications using perceptual hashing | |
CN115174250B (en) | Network asset security assessment method and device, electronic equipment and storage medium | |
CN112148305A (en) | Application detection method and device, computer equipment and readable storage medium | |
Kumar et al. | Machine learning based malware detection in cloud environment using clustering approach | |
Liu et al. | Using g features to improve the efficiency of function call graph based android malware detection | |
US9734229B1 (en) | Systems and methods for mining data in a data warehouse | |
Ndagi et al. | Machine learning classification algorithms for adware in android devices: a comparative evaluation and analysis | |
US9646157B1 (en) | Systems and methods for identifying repackaged files | |
CN111027065B (en) | Leucavirus identification method and device, electronic equipment and storage medium | |
US20190236269A1 (en) | Detecting third party software elements | |
Zhang et al. | Automatic detection of Android malware via hybrid graph neural network | |
KR20180097824A (en) | Method, apparatus, and system for automatically generating rule for detecting virus code, and computer readable recording medium for reciring the same |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | Address after: 150010 Heilongjiang science and technology innovation city, Harbin new and high tech Industrial Development Zone, No. 7 building, innovation and entrepreneurship Plaza, 838; Patentee after: Harbin antiy Technology Group Limited by Share Ltd; Address before: 150090 room 506, Hongqi Street, Nangang District, Harbin Development Zone, Heilongjiang, China, 162; Patentee before: Harbin Antiy Technology Co., Ltd. |
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: Homologous family dividing and mutation method and system based on file string cluster; Effective date of registration: 20190718; Granted publication date: 20180525; Pledgee: Bank of Longjiang, Limited by Share Ltd, Harbin Limin branch; Pledgor: Harbin antiy Technology Group Limited by Share Ltd; Registration number: 2019230000007 |
CP01 | Change in the name or title of a patent holder | Address after: 150010 Heilongjiang science and technology innovation city, Harbin new and high tech Industrial Development Zone, No. 7 building, innovation and entrepreneurship Plaza, 838; Patentee after: Antan Technology Group Co.,Ltd.; Address before: 150010 Heilongjiang science and technology innovation city, Harbin new and high tech Industrial Development Zone, No. 7 building, innovation and entrepreneurship Plaza, 838; Patentee before: Harbin Antian Science and Technology Group Co.,Ltd. |
PC01 | Cancellation of the registration of the contract for pledge of patent right | Date of cancellation: 20211119; Granted publication date: 20180525; Pledgee: Bank of Longjiang Limited by Share Ltd. Harbin Limin branch; Pledgor: Harbin Antian Science and Technology Group Co.,Ltd.; Registration number: 2019230000007 |